[openstack-dev] IP Spoofing Security Issue in Gateway VM

Aradhana Adhikari aradhanaad.conexant at gmail.com
Tue Nov 19 00:06:34 UTC 2013


Hi Neutron/VPNaaS Team,

  I am trying to configure VPN with latest Havana releaseand I have some
concerns regarding gateway VM set-up. While configuring a VPN with
strongSwan or OpenSwan, we have to disable the port security to enable port
forwarding which makes the gateway VM vulnerable to IP spoofing.

   Are there any other ways to enable port forwarding in a gateway VM
without disabling the port security? OR Are there plans to fix this issue
in the upcoming release?

 Please let me know.


thanks,

AD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131118/9e2a459c/attachment.html>


More information about the OpenStack-dev mailing list